thr3ads.net - samba - [Samba] Winbindd runs interactively, fails as a daemon [Jan 2019]

If this information is useful, please help other people find it:
Share via:

Nick Howitt

2019-Jan-30 12:44 UTC

[Samba] Winbindd runs interactively, fails as a daemon

Hi,
I have server which is joined to an AD DC but I am having problems 
starting or keeping winbind running. If I reboot the server, it fails to 
start. If I then start it with "winbindd -i" it runs. I can then 
terminate it and run it as a service and it works for a while. At some 
indeterminate point in the future it may fail again.

When trying to start it initially (before a winbindd -i) with loglevel 
3, I am seeing the following in the MYSERVER-winbindd logs:
[2019/01/30 11:27:56.311372,  3] 
../source3/param/loadparm.c:3847(lp_load_ex)
   lp_load_ex: refreshing parameters
[2019/01/30 11:27:56.311404,  3] 
../source3/param/loadparm.c:543(init_globals)
   Initialising global parameters
[2019/01/30 11:27:56.311415,  2] 
../source3/param/loadparm.c:315(max_open_files)
   rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
[2019/01/30 11:27:56.311460,  3] 
../source3/param/loadparm.c:2761(lp_do_section)
   Processing section "[global]"
[2019/01/30 11:27:56.311989,  2] 
../source3/lib/interface.c:345(add_interface)
   added interface lo ip=::1 bcast= 
netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
[2019/01/30 11:27:56.312032,  2] 
../source3/lib/interface.c:345(add_interface)
   added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
[2019/01/30 11:27:56.312045,  2] 
../source3/lib/interface.c:345(add_interface)
   added interface eth0 ip=10.20.40.248 bcast=10.20.40.255 
netmask=255.255.255.0
[2019/01/30 11:27:56.312069,  2] 
../source3/lib/interface.c:345(add_interface)
   added interface eth1 ip=192.168.20.1 bcast=192.168.20.255 
netmask=255.255.255.0
[2019/01/30 11:27:56.312198,  2] 
../source3/lib/interface.c:345(add_interface)
   added interface lo ip=::1 bcast= 
netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
[2019/01/30 11:27:56.312210,  2] 
../source3/lib/interface.c:345(add_interface)
   added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
[2019/01/30 11:27:56.312219,  2] 
../source3/lib/interface.c:345(add_interface)
   added interface eth0 ip=10.20.40.248 bcast=10.20.40.255 
netmask=255.255.255.0
[2019/01/30 11:27:56.312232,  2] 
../source3/lib/interface.c:345(add_interface)
   added interface eth1 ip=192.168.20.1 bcast=192.168.20.255 
netmask=255.255.255.0
[2019/01/30 11:27:56.317034,  1] 
../source3/lib/tdb_validate.c:480(tdb_validate_and_backup)
   tdb '/var/lib/samba/winbindd_cache.tdb' is valid
[2019/01/30 11:27:56.358707,  1] 
../source3/lib/tdb_validate.c:490(tdb_validate_and_backup)
   Created backup '/var/lib/samba/winbindd_cache.tdb.bak' of tdb 
'/var/lib/samba/winbindd_cache.tdb'
[2019/01/30 11:27:56.359028,  2] 
../source3/winbindd/winbindd_util.c:283(add_trusted_domain_from_tdc)
   Added domain BUILTIN (null) S-1-5-32
[2019/01/30 11:27:56.359050,  2] 
../source3/passdb/pdb_interface.c:161(make_pdb_method_name)
   No builtin backend found, trying to load plugin
[2019/01/30 11:27:56.360125,  3] 
../lib/util/modules.c:167(load_module_absolute_path)
   load_module_absolute_path: Module '/usr/lib64/samba/pdb/tdbsam.so'
loaded
[2019/01/30 11:27:56.360178,  2] 
../source3/winbindd/winbindd_util.c:283(add_trusted_domain_from_tdc)
   Added domain MYSERVER (null) S-1-5-21-1816223972-1230817346-2711509928
[2019/01/30 11:27:56.360216,  2] 
../source3/winbindd/winbindd_util.c:283(add_trusted_domain_from_tdc)
   Added domain DC DC.NJH.LAN S-1-5-21-2586452059-1910575978-1497397321
[2019/01/30 11:27:56.360259,  2] 
../source3/lib/tallocmsg.c:56(register_msg_pool_usage)
   Registered MSG_REQ_POOL_USAGE
[2019/01/30 11:27:56.360268,  2] 
../source3/lib/dmallocmsg.c:78(register_dmalloc_msgs)
   Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
[2019/01/30 11:27:56.360577,  0] 
../lib/util/become_daemon.c:124(daemon_ready)
   STATUS=daemon 'winbindd' finished starting up and ready to serve 
connections
[2019/01/30 11:27:57.639808,  3] 
../source3/winbindd/winbindd_misc.c:395(winbindd_interface_version)
   [18144]: request interface version (version = 29)
[2019/01/30 11:27:57.639881,  3] 
../source3/winbindd/winbindd_misc.c:428(winbindd_priv_pipe_dir)
   [18144]: request location of privileged pipe
[2019/01/30 11:27:57.639950,  3] 
../source3/winbindd/winbindd_misc.c:395(winbindd_interface_version)
   [18144]: request interface version (version = 29)
[2019/01/30 11:27:57.640006,  3] 
../source3/winbindd/winbindd_misc.c:383(winbindd_info)
   [18144]: request misc info
[2019/01/30 11:27:57.640062,  3] 
../source3/winbindd/winbindd_misc.c:416(winbindd_netbios_name)
   [18144]: request netbios name
[2019/01/30 11:27:57.640115,  3] 
../source3/winbindd/winbindd_misc.c:405(winbindd_domain_name)
   [18144]: request domain name
[2019/01/30 11:27:57.640204,  3] 
../source3/winbindd/winbindd_misc.c:237(winbindd_domain_info)
   [18144]: domain_info [DC]
[2019/01/30 11:27:59.841648,  3] 
../source3/winbindd/winbindd_misc.c:395(winbindd_interface_version)
   [18146]: request interface version (version = 29)
[2019/01/30 11:27:59.841767,  3] 
../source3/winbindd/winbindd_misc.c:428(winbindd_priv_pipe_dir)
   [18146]: request location of privileged pipe
[2019/01/30 11:27:59.841850,  3] 
../source3/winbindd/winbindd_misc.c:395(winbindd_interface_version)
   [18146]: request interface version (version = 29)
[2019/01/30 11:27:59.841907,  3] 
../source3/winbindd/winbindd_misc.c:383(winbindd_info)
   [18146]: request misc info
[2019/01/30 11:27:59.841962,  3] 
../source3/winbindd/winbindd_misc.c:416(winbindd_netbios_name)
   [18146]: request netbios name
[2019/01/30 11:27:59.842016,  3] 
../source3/winbindd/winbindd_misc.c:405(winbindd_domain_name)
   [18146]: request domain name
[2019/01/30 11:27:59.842073,  3] 
../source3/winbindd/winbindd_misc.c:237(winbindd_domain_info)
   [18146]: domain_info [DC]
[2019/01/30 11:28:00.087153,  3] 
../source3/winbindd/winbindd_misc.c:395(winbindd_interface_version)
   [18148]: request interface version (version = 29)
[2019/01/30 11:28:00.087224,  3] 
../source3/winbindd/winbindd_misc.c:428(winbindd_priv_pipe_dir)
   [18148]: request location of privileged pipe
[2019/01/30 11:28:00.087291,  3] 
../source3/winbindd/winbindd_misc.c:395(winbindd_interface_version)
   [18148]: request interface version (version = 29)
[2019/01/30 11:28:00.087370,  3] 
../source3/winbindd/winbindd_misc.c:383(winbindd_info)
   [18148]: request misc info
[2019/01/30 11:28:00.087456,  3] 
../source3/winbindd/winbindd_misc.c:416(winbindd_netbios_name)
   [18148]: request netbios name
[2019/01/30 11:28:00.087514,  3] 
../source3/winbindd/winbindd_misc.c:405(winbindd_domain_name)
   [18148]: request domain name
[2019/01/30 11:28:00.087575,  3] 
../source3/winbindd/winbindd_misc.c:237(winbindd_domain_info)
   [18148]: domain_info [DC]
[2019/01/30 11:28:01.264413,  0] 
../source3/winbindd/winbindd.c:281(winbindd_sig_term_handler)
   Got sig[15] terminate (is_parent=1)

I have tried clearing all the tdb files in /var/lib/samba (but not the 
sub-directories) and rejoining the domain.
I do not understand why it is terminating, especially as it does not 
when run interactively or when it is started after it has been run 
interactively.

I am running v4.7.1

TIA,
Nick

Rowland Penny

2019-Jan-30 13:38 UTC

head link

[Samba] Winbindd runs interactively, fails as a daemon

On Wed, 30 Jan 2019 12:44:51 +0000
Nick Howitt via samba <samba at lists.samba.org> wrote:
> Hi,
> I have server which is joined to an AD DC but I am having problems 
> starting or keeping winbind running. If I reboot the server, it fails
> to start. If I then start it with "winbindd -i" it runs. I can
then
> terminate it and run it as a service and it works for a while. At
> some indeterminate point in the future it may fail again.
> 
What OS ?
What is in your smb.conf ?

Rowland

Nick Howitt

2019-Jan-30 13:58 UTC

head link

[Samba] Winbindd runs interactively, fails as a daemon

On 30/01/2019 13:38, Rowland Penny via samba wrote:> On Wed, 30 Jan 2019 12:44:51 +0000
> Nick Howitt via samba <samba at lists.samba.org> wrote:
>
>> Hi,
>> I have server which is joined to an AD DC but I am having problems
>> starting or keeping winbind running. If I reboot the server, it fails
>> to start. If I then start it with "winbindd -i" it runs. I
can then
>> terminate it and run it as a service and it works for a while. At
>> some indeterminate point in the future it may fail again.
>>
> What OS ?
> What is in your smb.conf ?
>
>OS is ClearOS 7.5 (a Centos derivative which has not yet moved to 7.6)

smb.conf is:

[global]
unix password sync = No
# General
netbios name = MyServer
workgroup = DC
server string = MyServer
security = ads
realm = dc.njh.lan
password server = localdc.dc.njh.lan
ntlm auth = yes

# Logging
log level = 1
log file = /var/log/samba/%L-%m
max log size = 0
utmp = Yes

# Network
bind interfaces only = Yes
interfaces = lo eth0 eth1
nmbd bind explicit broadcast = yes
socket address = 192.168.20.1

# Printing
printcap name = /etc/printcap
load printers = Yes

# Security settings
guest account = guest
#restrict anonymous = 2

# WINS
wins support = No
wins server = localdc.dc.njh.lan

# PDC/BDC
domain logons = No
add machine script = /usr/sbin/samba-add-machine "%u"
logon drive = U:
logon script = logon.cmd
logon path logon home = \\%L\%U

# Winbind
idmap config DC : backend = rid
idmap config DC : range = 20000000-29999999
idmap config * : backend = tdb
idmap config * : range = 30000000-39999999
winbind enum users = Yes
winbind enum groups = Yes
winbind expand groups = 1
winbind offline logon = Yes
winbind use default domain = true
winbind separator = +
template homedir = /home/%U
template shell = /sbin/nologin

# Other
preferred master = No
domain master = No
passwd program = /usr/sbin/userpasswd %u
passwd chat = *password:* %n\n *password:* %n\n *successfully.*
passwd chat timeout = 10
username map = /etc/samba/smbusers
wide links = No
allow trusted domains = Yes

# LDAP settings
# include = /etc/samba/smb.ldap.conf

# Winbind LDAP settings
# include = /etc/samba/smb.winbind.conf

#============================ Share Definitions 
=============================
# Flexshare
# include = /etc/samba/flexshare.conf

[homes]
     comment = Home Directories
     path = /home/%U
     valid users = %D\%S, %D+%S, %S
     read only = No
     browseable = No
     available = Yes

[printers]
     comment = Print Spool
     path = /var/spool/samba
     printing = cups
     cups options = raw
     use client driver = Yes
     printable = Yes
     read only = No
     browseable = No
     available = No

[print$]
     comment = Printer Drivers
     path = /var/samba/drivers
     read only = No
     browseable = No
     available = No

[netlogon]
     comment = Network Logon Service
     path = /var/samba/netlogon
     read only = No
     locking = No
     browseable = No
     available = No

[profiles]
     comment = Profile Share
     path = /var/samba/profiles
     read only = No
     profile acls = Yes
     browseable = No
     available = No
     force group = domain_users
     force directory mode = 02775

The two lines:
nmbd bind explicit broadcast = yes
socket address = 192.168.20.1

are because I need to stop nmb from listening on all addresses as the AD 
DC is running in Docker on this machine and the docker image won't start 
if nmb is listening on all addresses

Seemingly Similar Threads

Search for more reasonably related threads

samba - Jan 2019 - Winbindd runs interactively, fails as a daemon

[Samba] Winbindd runs interactively, fails as a daemon

[Samba] Winbindd runs interactively, fails as a daemon

[Samba] Winbindd runs interactively, fails as a daemon

Seemingly Similar Threads